Enable False Start for OpenSSL.

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <openssl/err.h>
@@ skipping 837 matching lines @@
   SslSetClearMask mode;
 
 #if defined(SSL_MODE_RELEASE_BUFFERS)
   mode.ConfigureFlag(SSL_MODE_RELEASE_BUFFERS, true);
 #endif
 
 #if defined(SSL_MODE_SMALL_BUFFERS)
   mode.ConfigureFlag(SSL_MODE_SMALL_BUFFERS, true);
 #endif
 
+#if defined(SSL_MODE_HANDSHAKE_CUTTHROUGH)

[davidben, 2014/04/11 18:20:17]

How much do we need these ifdefs anyway? Is this because of android_webview? In
that case, perhaps we should have added further ifdefs or defines in OpenSSL so
that Android doesn't get an older False Start enabled...

+  mode.ConfigureFlag(SSL_MODE_HANDSHAKE_CUTTHROUGH,
+                     ssl_config_.false_start_enabled);
+#endif
+
   SSL_set_mode(ssl_, mode.set_mask);
   SSL_clear_mode(ssl_, mode.clear_mask);
 
   // Removing ciphers by ID from OpenSSL is a bit involved as we must use the
   // textual name with SSL_set_cipher_list because there is no public API to
   // directly remove a cipher by ID.
   STACK_OF(SSL_CIPHER)* ciphers = SSL_get_ciphers(ssl_);
   DCHECK(ciphers);
   // See SSLConfig::disabled_cipher_suites for description of the suites
   // disabled by default. Note that !SHA256 and !SHA384 only remove HMAC-SHA256
@@ skipping 710 matching lines @@
 #endif
   return SSL_TLSEXT_ERR_OK;
 }
 
 scoped_refptr<X509Certificate>
 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
   return server_cert_;
 }
 
 }  // namespace net